U.S. DEPARTMENT OF THE INTERIOR
OFFICE OF INSPECTOR GENERAL

INSPECTION REPORT

PASSPORT OFFICES FAILING TO MANAGE AND SECURE EMPLOYEE PASSPORTS

REPORT NO. ER-EV-MOA-0002-2008
MAY 2009

Should you have any comments or questions regarding this report, please do not hesitate to contact me at 202–208–5745.

cc: Assistant Secretary, Land and Minerals Management
    Assistant Secretary, Water and Science
    Assistant Secretary, Policy, Management, and Budget
    Deputy Assistant Secretary for Passport Services, Department of State
    Acting Inspector General, Department of State

TABLE OF CONTENTS

Introduction
DOI Cannot Account for Dozens of Passports Held by Former Employees
Violations Abound in DOI Passport Offices
    Document Management
    Storage
    Disposal and Retention
    Tracking
    Training
Conclusion
Recommendations
Appendices
    A. Scope, Methodology, and Prior Reviews
    B. Passport Security Requirements

INTRODUCTION

The U.S. passport is arguably the most coveted travel document in the world. Required of U.S. citizens for international travel and re-entry into the Country, the passport serves as official verification of the bearer’s origin, identity, and nationality. Each day, Americans submit passports as identification to board domestic flights, obtain licenses to drive, apply for loans, and verify their employability status.

The most recognizable passport, the blue-cover tourist passport, is used to travel overseas for pleasure or to conduct private business. However, the U.S. Department of State (State) issues two additional types of passports, diplomatic and official. A diplomatic passport is carried by a federal employee or contractor who has been granted the privilege of diplomatic status overseas.
An official passport identifies the bearer as a federal employee or contractor who represents the U.S. Government in an official capacity abroad; it does not convey diplomatic status. At DOI, only the Secretary of the Interior holds a diplomatic passport, while all other employees traveling overseas carry official passports.

The Office of Inspector General estimates that there are over 3,000 valid passports issued to current employees. These individuals fulfill a wide variety of duties overseas to advance the Department’s mission. For instance, DOI’s International Technical Assistance Program, established in cooperation with the U.S. Agency for International Development, has sent DOI employees to assist 25 countries to date. These staff provide skills and knowledge in fields such as endangered species conservation, invasive species control, and fire and water resource management. For other employees, travel abroad constitutes an integral part of their regular duties. For example, a number of U.S. Fish and Wildlife Service (FWS) inspectors work along the Nation’s borders with Canada and Mexico and routinely enter those countries. In addition, the Office of Insular Affairs regularly sends employees overseas to monitor grant funds provided to the Federated States of Micronesia, the Marshall Islands, and Palau under the Compacts of Free Association.

To facilitate the issuance of passports, the Code of Federal Regulations (CFR), in 22 C.F.R.
§ 51.22(b), authorizes State to designate certain individuals as passport acceptance agents. The CFR details their responsibilities as:

    • certifying the identity of and administering an oath to passport applicants;
    • safeguarding passport application information; and
    • avoiding a real or perceived conflict of interest with regard to the passport process.

[Sidebar: The NBC Passport Office in Washington, DC, manages the passport and visa process for all other DOI employees. NBC has two full-time passport acceptance agents.]

Currently, 10 DOI employees serve as passport acceptance agents. Beyond the duties outlined in the CFR, these individuals are responsible for submitting completed applications to State, distributing executed diplomatic and official passports to employees, obtaining any required visas from foreign embassies, storing passports not needed by travelers, reporting lost or missing passports to State, and returning passports to State after employees separate from DOI. The passport acceptance agents are based in one of three DOI offices.
These are the:

    • NBC Employee and Public Services Division (this office processes passport and visa requests for all DOI offices and bureaus except BOR and USGS);
    • USGS International Programs Office in Reston, VA; and
    • BOR Native American and International Affairs Office located in Washington, DC, and Denver, CO.

[Sidebar: The USGS International Programs Office, located in Reston, VA, employs five collateral-duty passport acceptance agents. One additional position was vacant at the time of our inspection.]

Diplomatic and official passport records maintained by these three offices are subject to the Privacy Act of 1974. To protect the privacy of U.S. citizens, the Privacy Act places limitations on agencies’ collection, disclosure, and use of personal information maintained in systems of records, such as passport and visa files. According to the Privacy Act, when agencies establish or make changes to a system of records, they must notify the public by placing a notice in the “Federal Register.” These notices are a primary means of establishing accountability for privacy protections (see 64 FR 16981 (April 7, 1999) for DOI’s notice). They identify, among other things, the type of data collected, the location of the records, and information on how the data are disposed of and secured.

[Sidebar: The BOR Native American and International Affairs Office, located in Washington, DC, and Denver, CO, employs three collateral-duty passport acceptance agents.]

DOI CANNOT ACCOUNT FOR DOZENS OF PASSPORTS HELD BY FORMER EMPLOYEES

At the time of our review, the Passport Offices were unable to account for 49 expired passports that were either missing or checked out to former employees. This number could be much higher because, unlike USGS and BOR, NBC has no passport database and could not provide us with a comprehensive list of valid passports. Since our initial visits in February, USGS and BOR have collected passports from some separated employees and forwarded them to State for cancellation. While we applaud USGS and BOR for taking action immediately, DOI needs to do much more to ensure that departing employees return their official passports.

The wide-ranging examples we found involve passport holders from the highest ranks of the Department to lower-ranking staff from a number of DOI’s bureaus and offices.
For example, the NBC Passport Office cannot locate former Secretary of the Interior Gale Norton’s diplomatic passport, which expires in 2010. Ms. Norton resigned 3 years ago and completed an employee exit clearance form at that time. All employees must complete these forms to ensure that they return all Government property and fulfill their financial obligations prior to leaving DOI. An NBC employee signed Ms. Norton’s form indicating that the passport had been returned without actually receiving the passport. The NBC Passport Office was unable to tell us whether Secretary Norton’s diplomatic passport was returned to State.

In addition, two former employees, a felon convicted after departing DOI and a high-level official who was investigated for ethics rules violations while working at DOI, ostensibly neglected to return their official passports to the NBC Passport Office (see below). We found no evidence that NBC asked State to cancel these passports, which remained valid for months after the employees left DOI. We found that their official passports are missing from their files in the NBC Passport Office.

    • Milton K. Dial, a former MMS employee, pled guilty to the felony charge of arranging a contract for a former colleague who hired him 6 months after his retirement from DOI. His official passport expired in February 2009, more than 4 years after he left federal service and approximately 4 months following his guilty plea.

    • David P. Smith, a former Fish, Wildlife, and Parks employee, was investigated twice during his tenure at DOI for violating ethics standards.
      His official passport expired in April 2007, 9 months after his resignation.

According to passport acceptance agents at NBC, USGS, and BOR, they are responsible for passports but have no control over the Department’s checkout procedures. They have to trust that current employees will return their passports between trips and that separating employees will return their passports to the appropriate Passport Office. Furthermore, the Passport Offices are not always informed in advance of an employee’s separation so that an agent can obtain the departing employee’s passport for return to State for cancellation. As they stand, the checkout procedures are not effective and need to be improved.

VIOLATIONS ABOUND IN DOI PASSPORT OFFICES

During our inspections of the Passport Offices, we observed numerous violations of federal and Departmental requirements governing security of passports, visas, and passport applications (see Table 1). In the absence of Departmental oversight, responsibility for protecting sensitive documents and information has devolved to the bureaus. All of the Passport Offices function autonomously; none functions properly.

While the problems vary across each of these offices, in general, we found a combination of inadequate resources, a lack of understanding of security requirements for passports, and an inability to track passports.
These conditions have resulted in the improper storage, retention, and tracking of passports, visas, and applications, and inadequate protection of Privacy Act information.

Document Management

Storage
In 64 FR 16981 (April 7, 1999), DOI informed the public that it keeps passport and visa records in steel safes with manipulation-proof, three-way combination locks. We found, however, that the NBC and USGS Passport Offices store passports and visas in filing cabinets that are lockable only by key. The NBC Passport Office also stored over 400 expired passports in an unlocked drawer (see photograph on page 6). Furthermore, approximately 200 files containing passport applications and expired passports were stacked on unsecured shelves and spilled onto the floor just inside the entrance to the NBC Passport Office. These files were readily accessible to unauthorized personnel. (See report cover.)

[Table 1. Violations of Federal and Departmental Requirements Governing Security of Passports, Visa, and Passport Applications]

Further, none of the Passport Offices afforded passport applications the same level of security as passports, even though the personal information contained in completed applications (mother’s maiden name, social security numbers, and addresses) is more sensitive than that in passports. A case involving State illustrates the ease with which identities can be stolen using information gleaned from passport applications. Specifically, an incident in Washington, DC, in October 2008 prompted State to notify approximately 400 passport applicants of a breach in its database security.
Police officers had stopped a vehicle and found 21 credit cards in names other than the driver’s and printouts of eight completed passport applications. Four of the names on the passport applications matched names on the credit cards. Investigation revealed that the driver worked with co-conspirators at State and the U.S. Postal Service.

In fact, none of the DOI Passport Offices stored all of their passport applications in a locked safe, cabinet, or drawer. According to the Departmental Manual (383 DM 8.2), bureaus should implement more stringent safeguards for systems of records containing particularly sensitive information than the minimum required because the sensitivity of such information may vary from one system of records to another.

We were unable to determine the locations of all DOI-maintained official passports. According to 64 FR 16981, passports and visas are kept only at the NBC Passport Office; however, we found thousands of passports stored in the BOR Passport Office in Washington, DC, and at USGS Headquarters in Reston, VA. The USGS and BOR Passport Offices are not listed in 64 FR 16981, as required. We also discovered that FWS stored passports in offices near the U.S./Canadian border; we were unable to obtain the addresses of those offices.
Without a comprehensive list of all locations where passports are kept, DOI managers and Privacy Act officers cannot effectively manage these records or ensure that diplomatic and official passports are secured appropriately.

Disposal and Retention
General Records Schedule (GRS) Number 9, which is cited in 64 FR 16981, requires that each official passport be returned to State upon expiration or separation of the employee. We found that the USGS and BOR Passport Offices kept expired passports on file and retained passport applications longer than federal regulations allowed.
The passport acceptance agents we interviewed were not aware of the GRS requirement.

[Photograph caption: This photograph shows over 400 expired passports stored in an unlocked drawer in the NBC Passport Office.]

Furthermore, the Privacy Act itself states that an agency shall maintain in its records only such information as is relevant and necessary to accomplish a purpose of the agency (5 U.S.C. § 552a(e)(1)). In addition, 22 C.F.R. § 51.22(e)(2) prohibits passport acceptance agents from retaining copies of executed passport applications. DOI does not require copies of executed passport applications to effectively carry out its mission. Nevertheless, one BOR passport acceptance agent informed us that she kept copies of completed applications on file for up to 5 years. USGS staff also stated that they retained copies of passport applications for up to 3 years after passports were issued.

Tracking
The Government Accountability Office (GAO) “Standards for Internal Control in the Federal Government” states, “Internal control and all transactions and other significant events need to be clearly documented, and the documentation should be readily available for examination. . . .
All documentation and records should be properly managed and maintained.” Unfortunately, none of the Passport Offices has an adequate means to track the location and status of official passports or to determine whether passports of separated employees have been returned to State, as required.

For example, NBC has no database; when we asked for information, NBC provided an incomplete list that only included passports processed recently. As a result, NBC could not tell us how many valid passports it manages. In fact, the NBC Passport Office passport acceptance agents could not locate 2 of the 20 passport files we selected for review from their records. To date, these files, which likely contain Privacy Act information and may even hold the employees’ official passports and visas, remain missing.

Training
The July 2007 report titled “Common Risks Impeding the Adequate Protection of Government Information” issued by the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB) (see Appendix A) identified inadequate training as one of the top 10 mistakes federal agencies make in protecting privacy information. We also found training of DOI passport acceptance agents to be inadequate.

Privacy Act Requirements
Even though passport acceptance agents must be certified by State before assuming their duties and must take DOI’s annual Privacy Act training, we found that these individuals are largely unaware of how to protect sensitive information according to regulatory and Departmental requirements (see Appendix B). In fact, NBC and USGS failed to post Privacy Act notices in accordance with the Departmental Manual (383 DM 8.3A).
Areas where Privacy Act information is stored should be posted with warnings regarding access limitation, standards of conduct for employees handling such information, and possible criminal penalties for violations. In fact, none of the Passport Offices store passports and passport-related documents in accordance with the Act, contrary to DOI’s assertions in 64 FR 16981 (April 7, 1999).

Passport Acceptance Agent Refresher Courses
The current regimen of training given by State is also inadequate to ensure appropriate handling of passports by acceptance agents and their supervisors over the long term. One passport acceptance agent stated that she completed the required training to become an agent in 1999. She has not had a refresher course on handling passports and passport-related documents since that time.

To address training inadequacies, DHS and OMB included best practices in their July 2007 report. We believe a number of those practices would benefit the Passport Offices. Specifically, training could be 1) tailored to address the requirements of the Passport Offices in terms of passport acceptance agent roles and responsibilities, 2) given upon hiring and at least once a year thereafter, and 3) assessed regularly for its effectiveness and modified as requirements change. Such training would exceed the standard annual Privacy Act training; it would encompass all Privacy Act, federal, and Departmental requirements that pertain to the handling and protection of passports and passport-related documents (see Appendix B).

CONCLUSION

DOI and the Passport Offices are failing in their responsibility to collect passports from departing employees, as well as to dispose of them properly, and to ensure proper storage, retention, and handling of passports and passport applications.
Their mismanagement and inadequate protection of diplomatic and official passports violate law and federal and Departmental regulations. As a result, they have openly invited misuse of U.S. passports; cases of fraud or theft of employee identities could easily result.

RECOMMENDATIONS

We believe DOI can address the problems identified in this inspection by implementing the following recommendations.

We recommend that the Secretary direct the Department to:

   1. Issue a revision of 64 FR 16981 to accurately reflect the location of the passport offices and to update any other items that might be in error or outdated.

   2. Issue a revision of 383 DM 8.3B to be consistent with the standards laid out in 64 FR 16981 regarding the storage of passports and passport applications.

   3. Require that passport acceptance agents undergo regular training on federal and Departmental standards governing the managing and securing of passports and passport-related information (see recommendation 4 below).

We recommend that the Secretary direct NBC, USGS, and BOR to:

   1. Develop a process to ensure that passports, visas, and passport applications are stored, retained, disposed of, and tracked in accordance with federal (Privacy Act) and Departmental regulations. Particular attention should be paid to making sure employees return their diplomatic and official passports to DOI before separating and notifying State of any uncollected passports.

   2. Destroy passport applications once State issues the corresponding passports.

   3. Post Privacy Act notices clearly wherever passports, visas, and passport applications are stored.

   4. Consult with State regarding the provision and content of regular training to DOI passport acceptance agents on federal and Departmental standards that govern the managing and securing of passports and passport-related information.

SCOPE, METHODOLOGY, AND PRIOR REVIEWS

The objective of our inspection was to determine whether DOI has collected passports from separating employees, as well as disposed of them appropriately and secured passports, visas, and passport applications in accordance with federal and Departmental regulations.

We conducted this inspection from January to March 2009, in accordance with the “Quality Standards for Inspections” issued by the President’s Council on Integrity and Efficiency. To accomplish our objectives, we:

    • attempted to gain unauthorized access to the NBC and BOR Passport Offices;

    • observed the passport application process by submitting an application for an OIG employee who required a passport for official travel;

    • performed an unannounced inspection of the BOR, NBC, and USGS Passport Offices on January 29, 2009;

    • interviewed passport acceptance agents at the NBC Passport Office in Washington, DC; the USGS Passport Office in Reston, VA; and the BOR Passport Office in Washington, DC, and Denver, CO, regarding passport security and the process for disposing of passports;

    • selected a sample of 52 DOI passport holders to determine whether the passport acceptance agents could account for these employees’ passports; and

    • determined whether employees who separated from DOI before February 1, 2009, returned their diplomatic and official passports prior to leaving the Department.

Prior Reviews
Over the
past 5 years, GAO has issued several reports related to the physical security over passports, passport fraud, and protection of Privacy Act information. The following reports were most applicable to our inspection of the DOI Passport Offices:

    • “Addressing Significant Vulnerabilities in the Department of State’s Passport Issuance Process,” Statement of Jess T. Ford, Director, International Affairs and Trade and Gregory D. Kutz, Managing Director, Forensic Audits and Special Investigations, Correspondence to the Senate Committee on the Judiciary (Subcommittee on Terrorism and Homeland Security), Report No. GAO-09-583R, issued April 13, 2009. In their correspondence to the Senate, Mr. Ford and Mr. Kutz reported that the State Department continues to face significant fraud vulnerabilities in its passport issuance process. They recounted that a GAO undercover investigator easily obtained genuine U.S. passports using counterfeit or fraudulently obtained documents. Reducing these risks, according to officials at State, will require greater cooperation between State and other agencies at both the federal and state levels, including the need to access electronic records of other agencies in real time.

    • “Security of New Passports and Visas Enhanced, but More Needs to Be Done to Prevent Their Fraudulent Use,” Report No. GAO-07-1006, issued July 2007. GAO reported that State did not have a structured process to periodically reassess the effectiveness of passports’ security features against evolving threats or to actively plan for new generations of passports.
      The report also noted that State lacked a program to oversee thousands of passport acceptance facilities, which verify the identity of millions of passport applicants each year. Such a program, according to GAO, would help minimize the risk of passport fraud.

    • “Preventing and Responding to Improper Disclosures of Personal Information,” Statement of David M. Walker, Comptroller General, Before the House Committee on Government Reform, Report No. GAO-06-833T, issued June 2006. In his testimony, the Comptroller General addressed a security breach at the Department of Veterans Affairs, in which the personal data of millions of veterans were compromised. Although the testimony largely discussed information technology security, the Comptroller General noted that practical measures aimed at preventing inadvertent data breaches include limiting the collection of personal data, limiting the time that such data are retained, limiting access to personal information, and training personnel accordingly.

    • “Improvements Needed to Strengthen U.S. Passport Fraud Detection Efforts,” Report No. GAO-05-477, issued May 2005. GAO reported that State faced a variety of challenges to its passport fraud detection efforts, making it more difficult to protect U.S. citizens from terrorists and criminals.
      For instance, information listed in the
      Government’s consolidated terrorist watch list was not systematically provided to State.
      Furthermore, State did not routinely obtain from the Federal Bureau of Investigation the
      names of individuals wanted by federal or any of the States’ law enforcement authorities.
      As a result, the Consular Lookout and Support System database did not contain
      information on a number of fugitives suspected of murder, child sex offenses, drug
      trafficking, and other heinous crimes. In addition, GAO noted that State made oversight
      visits to only a limited number of passport acceptance facilities each year and did not
      maintain records of all individuals authorized to accept passports at those locations.

We noted one additional report applicable to security over privacy information, which the
Department of Homeland Security and the Office of Management and Budget prepared in
response to a request made by the President’s Identity Theft Task Force:

    ➢ “Common Risks Impeding the Adequate Protection of Government Information,”
      issued July 2007 by the Department of Homeland Security and the Office of
      Management and Budget. This report highlighted 10 “mistakes” commonly made by
      Government agencies entrusted with security and privacy information. It also detailed
      best practices and resources to help agencies avoid and mitigate these risks.
      The common mistakes included: 1) inadequate security and privacy training;
      2) missing safeguarding procedures from contracts and data sharing agreements between
      agencies; 3) inaccurate information inventories that do not correctly describe where
      information is stored; 4) incorrect or inappropriate scheduling, archiving, or destroying of
      information; 5) untimely identification and reporting of suspicious activities and security
      incidents; 6) inadequate or absent audit trails documenting information processing;
      7) insufficient physical security controls over privacy information; 8) inadequate
      information security controls; 9) insufficient protection of information accessed or
      processed remotely; and 10) premature use of information technology and products
      before application of security and privacy standards and guidelines.


                                                                         Appendix B

PASSPORT SECURITY REQUIREMENTS

    22 CFR § 51.22(e)(2)
      • Passport acceptance agents must not retain copies of executed passport
        applications.

    383 DM 8.2
      • The sensitivity of personal information may vary from one system of records to
        another. Bureaus should implement safeguards beyond the required minimum for
        systems of records containing particularly sensitive information.

    383 DM 8.3A
      • The area where Privacy Act information is stored should be posted with warnings
        regarding access limitation, standards of conduct for employees handling such
        information, and possible criminal penalties for violations.

    383 DM 8.3B
      • At all times, access to Privacy Act records should be restricted by storing the
        records in a locked metal file cabinet or locked room, except when the room is
        occupied by authorized personnel.

    64 FR 16981 (April 7, 1999)
      • Passports and visas are stored in a steel safe with a manipulation-proof,
        three-way combination lock.
      • Passports and visas are retained and disposed of in accordance with General
        Records Schedule No. 9.

    General Records Schedule No. 9
      • Official passports should be returned to State upon expiration or upon
        separation of the employee.